Recording a test by Jmeter causing errors "NET::ERR_CERT_AUTHORITY_INVALID" & "ERR_PROXY_CONNECTION_FAILED" & "..." JMeter proxy certificate**

Question

started recording my test on macOS, with below steps and I am receiving BELOW RESULTS

1. ERR_PROXY_CONNECTION_FAILED "If you use a proxy server… Check your proxy settings or contact your network administrator to make sure that the proxy server is working. If you don't believe you should be using a proxy server: Go to Applications > System Preferences > Network > Advanced > Proxies and deselect any proxies that have been selected."

2. Went to JMeter result tree Response message: 2.1 Connection reset ensure browser is set to accept the JMeter proxy certificate 443 2.2 Response message:Received fatal alert: certificate_unknown ensure browser is set to accept the JMeter proxy certificate

JMeter test Steps:

1. Go to Jmeter and select "Recording" from "Templates"
2. provided paramters due creation hostToRecord: www.tesla.com/en_eu recording file: recordingtesla.xml scheme to record: https
3. STRANGE THING: Template was created, but going to "User Defined Variables" I see another value provided (another website, which I have used couple of times in my previous tests?)
4. STRANGE THING 2 Going to "Https Test Script Recorder, field domains use the same website, from point 3 (again i HAVE PROVIDED tesla and I can see a previously used website??)
5. HTTP(S) Script recorder and port set to 8888 (saved)
6. User Defined Variables -> name: host, value: AGAIN the same website from point 3 &4 (used previously, not putting it for this test) name: scheme, value: https
7. RECORDING
8. Going to "HTTP(S) Test Script Recorder", pressing start button -(Root ca showing up) -Target Controller is a Recording controller -Grouping is Do not group samplers -Went to tesla website (was already opened before I have pressed "Start" -I click someting on tesla website and test stopped

1. DNS Servers 8.8.8.8

2. Proxies settings for all of below (and selected) is localhost: 8888 Web HTTP Secure Web HTTPS FTP SOCKS Streaming Gopher

3Auto Proxy Discover (without selected localhost & 8888- no fields for this)

Jmeter certyficate should be valid till 2024, I have renewed certyficate, following this instruction -> https://stackoverflow.com/questions/64043676/cannot-update-jmeter-root-ca-certificate​ BUT IN KEYCHAIN **Expired: Monday, 26 December 2022 at 10:52:55 Central European Standard Time marked as trusted **

4. am using Chrome browser

Answer 1

I were having the same issue and was that I'm connected to a VPN service. I disconnected it and all works perfectly.

Answer 2

It works for now but, still seems not correct

1. When I set proxy.cert.dynamic_keys false and it finally started recording with some 200 statuses: Use dynamic key generation (if supported by JMeter/JVM). If false, will revert to using a single key with no certificate. Defaults to: true BUT SOME TESTS ARE STILL 443 because of cert Response message:Connection reset ensure browser is set to accept the JMeter proxy certificate

2. Tried your recommendations also uninstalled and installed JMeter again, cleared and using Firefox for now, cert is valid until 16.01.2023, I have set jmeter.properties file to “#proxy.cert.validity=365” (with hash) and I have checked Firefox -> settings -> cert view and there is 16.01.2023 so looks like again I have to uninstall and install again?

3. Is it correct that when test finished and I want to user browser + internet again I need to go to Firefox settings -> proxy and set back from manual mode (localhost 8888 + https) to no proxy? If I stay with manual there is an error: “The proxy server is refusing connections

An error occurred during a connection to www.tesla.com.

Check the proxy settings to make sure that they are correct.
Contact your network administrator to make sure the proxy server is working.”

Answer 3

1. Delete the certificate from the keychain completely

2. Delete proxyserver.jks and ApacheJMeterTemporaryRootCA.crt files in "bin" folder of your JMeter installation

3. Clear your Chrome browsing history completely

4. When creating the recording test plan from the template use www.testla.com without any paths

5. When you start the HTTP(S) Test Script Recorder JMeter will generate new ApacheJMeterTemporaryRootCA.crt file. Default validity is 7 days unless you change proxy.cert.validity property

6. Import this certificate into your browser. At this stage I would suggest using Firefox instead of Chrome because:

   • Firefox has its own certificates storage and Chrome uses the system one
   • Firefox has its own proxy configuration and Chrome uses the system one

7. It would be also a good idea to exclude other domains than tesla.com from recording scope

8. Your recording should be successful

Also be aware of an alternative way of recording a JMeter test: JMeter Chrome Extension, in this case you won't have to worry about proxies and certificates